EncryptHub continues to exploit a Microsoft Windows vulnerability (CVE-2025-26633) using social engineering tactics like fake Teams requests to deliver malicious payloads. Their sophisticated methods include abusing legitimate platforms, deploying multiple backdoors, and blending malware communications with normal network traffic.
Key points
- EncryptHub targets Windows systems by exploiting the CVE-2025-26633 vulnerability through social engineering campaigns.
- The threat group uses fake video conferencing platforms and malicious MSC files to deploy malware.
- Attackers utilize legitimate platforms like Brave Support to host malware payloads, bypassing security measures.
- Multiple malware components, including backdoors and stealer tools, are used to maintain persistence and steal data.
- Layered defense, threat intelligence, and user training are critical to mitigating these complex threats.
Read More: https://thehackernews.com/2025/08/russian-group-encrypthub-exploits-msc.html